사이트 내 전체검색
검색목록
우분투12 에서 postfix , libsasl2, courier-pop , courier-imap, courier-mysql, roundcube 설치하기 총정리
로빈아빠
https://cmd.kr/server/984 URL이 복사되었습니다.

본문

################################################
postfix 설치
################################################

1. 설치
apt-get install postfix sasl2-bin
apt-get install libsasl2-modules sasl2-bin  <-- 이부분 필요여부 미확인

2. 설정
dpkg-reconfigure postfix

3. SMTP 인증 
TLS를 위하여 디지털 인증서를 생성, 설정

 openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
278 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
....................................++++++
.......................++++++
e is 65537 (0x10001)
Enter pass phrase for smtpd.key:
Verifying - Enter pass phrase for smtpd.key:
$ chmod 600 smtpd.key
$ openssl req -new -key smtpd.key -out smtpd.csr
Enter pass phrase for smtpd.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
$ openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
Signature ok
subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
Getting Private key
Enter pass phrase for smtpd.key:
$ openssl rsa -in smtpd.key -out smtpd.key.unencrypted
Enter pass phrase for smtpd.key:
writing RSA key
$ mv -f smtpd.key.unencrypted smtpd.key
$ openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
Generating a 1024 bit RSA private key
.........++++++
..........++++++
writing new private key to 'cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

---------------

cp smtpd.key /etc/ssl/private/
cp smtpd.crt /etc/ssl/certs/
cp cakey.pem /etc/ssl/private/
cp cacert.pem /etc/ssl/certs/

-----------------------


vi /etc/postfix/main.cf 설정 확인


postconf -e "mailbox_command = "
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'

postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/ssl/private/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'myhostname = mail.example.com'

vi /etc/postfix/sasl/smtpd.conf

pwcheck_method:saslauthd
mech_list:plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mail_admin_passwordsql_database: mail
sql_select: select password from mail_users where email = '%u'



/etc/init.d/postfix restart


4) SASL 설정하기
 
SASL를 제대로 사용하기 위해서는 수정해야 할 것이 몇 가지 있습니다. Postfix는 /var/spool/postfix 내에 chroot된 상태로 동작하기 때문에, SASL 역시 그 chroot된 환경 내에서 동작할 수 있도록 설정해야합니다(/var/run/saslauthd 대신에 /var/spool/postfix/var/run/saslauthd가 됩니다). 다음 명령을 입력하십시오:
 
mkdir -p /var/spool/postfix/var/run/saslauthd
rm -rf /var/run/saslauthd

vi /etc/default/saslauthd 
 
START=yes
 
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
MECHANISMS="pam"

dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd

/etc/init.d/saslauthd restart


5) 테스팅
telnet mail.example.com 25
ehlo mail.example.com

아래 명령이 나와야 함
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME



################################################
courier IMAP와 POP3설치
################################################

sudo apt-get install courier-pop

sudo apt-get install courier-imap

Maildir 설정
maildirmake /etc/skel/Maildir

maildirmake /etc/skel/Maildir/.Drafts

maildirmake /etc/skel/Maildir/.Sent

maildirmake /etc/skel/Maildir/.Trash

maildirmake /etc/skel/Maildir/.Templates

각 사용자에 대해서
cp -r /etc/skel/Maildir /home/myuser/

chown -R myuser:usergroup /home/myuser/Maildir

chmod -R 700 /home/myuser/Maildir


telnet localhost 110

명령을 수행하고
USER your id
PASS your password



Test
smtp 테스트
$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.comingmedia.com ESMTP Postfix (Ubuntu)
ehlo yourdomain.com
250-mail.yourdomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: root@yourdomain.com
250 2.1.0 Ok
rcpt to: jhanglim@yourdomain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: My first mail

Hi,
. (and Enter In a new Line)
250 2.0.0 Ok: queued as C515B863FC
quit
221 2.0.0 Bye
Connection closed by foreign host.

jhanglim에게 메일이 정상적으로 도착했는지 확인
su - fmaster
cd Maildir/new
ls



만약 pop3클라이언트(예 : 선더버드)가 동작하고 있다면 Maildir/new폴더가 아니라 Maildir/cur 폴더에 파일이 있을것이다.
이유 : 이미 po3클라이언트가 메일을 받아갔으므로 새로운 메세지가 아니다.
pop3 확인
$ telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
user <user ID>
+OK Password required.
pass <user Password>
+OK logged in.
imap 확인
$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
imap login <user ID> <user password>
imap OK LOGIN Ok.
사용자의 .forward 파일
다음 예와 같이 하면 메일은 자신(cur_user)에게도 가고 forward_user@gmail.com에게도 간다.
예)
$ su - cur_user
$ touch .forward
$ vi .forward
cur_user
forward_user@gmail.com









################################################
postfix 설치
################################################



Now let's create our six text files.

cat > /etc/postfix/mysql-virtual_domains.cf

user = mail_admin
password = mail_admin_password
dbname = mail
table = mail_domains
select_field = 'virtual'
where_field = domain
hosts = 127.0.0.1

cat > /etc/postfix/mysql-virtual_forwardings.cf

user = mail_admin
password = mail_admin_password
dbname = mail
table = mail_forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1

cat > /etc/postfix/mysql-virtual_mailboxes.cf

user = mail_admin
password = mail_admin_password
dbname = mail
table = mail_users
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = 127.0.0.1

cat > /etc/postfix/mysql-virtual_email2email.cf

user = mail_admin
password = mail_admin_password
dbname = mail
table = mail_users
select_field = email
where_field = email
hosts = 127.0.0.1

cat > /etc/postfix/mysql-virtual_transports.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = mail_transport
select_field = transport
where_field = domain
hosts = 127.0.0.1

cat > /etc/postfix/mysql-virtual_mailbox_limit_maps.cf

user = mail_admin
password = mail_admin_password
dbname = mail
table = mail_users
select_field = quota
where_field = email
hosts = 127.0.0.1


chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf

Now we create a user and group called vmail with the home directory /home/vmail. This is where all mail boxes will be stored.

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m






#----------------------------------------
위의 자료에서 select 구분형태로 바꾼것임

vi /etc/postfix/mysql-virtual_domains.cf
user = mail_admin
password = mail_admin_password
dbname = mail
query = SELECT domain AS virtual FROM mail_domains WHERE domain='%s'
hosts = 127.0.0.1



vi /etc/postfix/mysql-virtual_forwardings.cf
user = mail_admin
password = mail_admin_password
dbname = mail
query = SELECT destination FROM mail_forwardings WHERE source='%s'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual_mailboxes.cf
user = mail_admin
password = mail_admin_password
dbname = mail
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM mail_users WHERE email='%s'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual_email2email.cf
user = mail_admin
password = mail_admin_password
dbname = mail
query = SELECT email FROM mail_users WHERE email='%s'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual_transports.cf
user = mail_admin 
password = mail_admin_password
dbname = mail
query = SELECT transport FROM mail_transport WHERE domain='%s'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual_mailbox_limit_maps.cf
user = mail_admin 
password = mail_admin_password 
dbname = mail 
query = SELECT quota FROM mail_users WHERE email='%s' 
hosts = 127.0.0.1

mkdir -p /data
chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /data/vmail -m

#----------------------------------------


vmail 의 홈디렉토리는 메일이 저장되는 홈 디렉토리 이므로 적절한 공간에 위치해야 한다.
Postfix configuration
aaaa.co.kr으로 해당 도메인으로 변경해서 설정을 진행한다.
mailbox_base를 변경하고자 하면 앞서 vmail 사용자 추가시 vmail의 홈디렉토리를 변경후 해당 디렉토리를 사용한다.
첨부 파일 참조: main.cf
아래 postconf 명령을 수행하거나, /etc/postfix/main.cf 를 수정해 넣는다.






Next we do some Postfix configuration. Go sure that you replace server1.example.com with a valid FQDN, otherwise your Postfix might not work properly!

postconf -e 'myhostname = server1.example.com'
postconf -e 'mydestination = server1.example.com, localhost, localhost.localdomain'
postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'virtual_alias_domains ='
postconf -e ' virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf'
postconf -e 'virtual_create_maildirsize = yes'
postconf -e 'virtual_maildir_extended = yes'
postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf'
postconf -e 'virtual_mailbox_limit_override = yes'
postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach is over quota."'
postconf -e 'virtual_overquota_bounce = yes'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks'


//$virtual_mailbox_limit_maps





Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/courier/authdaemonrc and change the value of authmodulelist so that it reads

authmodulelist="authmysql"
Then edit /etc/courier/authmysqlrc. It should look like this (again, make sure to fill in the correct database details):

MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE mail_users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD  <-- 막을것..
MYSQL_QUOTA_FIELD quota
Then restart Courier:

/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart



5) 테스팅
telnet localhost 25
ehlo mail.example.com

아래 명령이 나와야 함
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME

telnet localhost 110

명령을 수행하고
USER your id
PASS your password



Test
smtp 테스트
$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.comingmedia.com ESMTP Postfix (Ubuntu)
ehlo localhost
250-mail.yourdomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: admin@aaaa.co.kr
250 2.1.0 Ok
rcpt to: admin@aaaa.co.kr
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: My first mail

Hi,
. (and Enter In a new Line)<

댓글목록

등록된 댓글이 없습니다.

114 (1/3P)

Search

Copyright © Cmd 명령어 18.191.189.124